With the proliferation of IoT, an ever-increasing number of IoT devices are being connected to a network. The IoT devices may be diverse and heterogeneous. Further, an IoT device may be part of one or more IoT networks (IoTN) at any given instant, may be mobile or stationary, and may be communicating for various purposes.
A number of challenges arise with respect to enabling effective lawful interception (LI) over the IoT networks. For example, LI can be performed for intercepting information transmitted by a Car-IoT network, in order to determine a location of the vehicle, activities performed by a suspect driver, presence of a list of IoT devices connected with the Car-IoT network, etc. Existing LI mechanisms for telephone networks (Telco-LI) may provide some of this information. For example, Telco-LI can provide location information based on base station locations and hand-over (HO) activities. However, this is not precise and comes with a time lag. Also, the speed and direction information is likely to be inaccurate.
Moreover, while Telco-LI may provide information on the online activities (call, content, data) in case the activities happen through Telco infrastructure, the nature of additional devices connected, nature of activities (transaction, etc.) of the suspect and events related to the usage of the Car-IoT including additional devices by the suspect cannot be tracked using Telco-LI. Telco-LI also fails to provide other information, such as driving behavior of the driver (speed pattern, route selection, route changes, stoppages), activities (e.g., fueling, maintenance, accessing traffic information, etc.) performed through the Car-IoT devices, etc.
There are also other attributes of Telco-LI that make it unsuitable for LI for IoT. For example, the nature of tracking for IoT can be very different depending on the nature of the IoT networks, and scope and type of investigation. Hence, what is required to be tracked and the information required to be tracked can be quite different for different scenarios. Moreover, the number of devices involved and the amount of content and event information can be very large. Sending such data in original form on a real-time/semi-real-time basis to the LI is likely to impose network resource constraints and may hamper the activities that are being tracked. Also, it is likely to be a constraint on the law enforcement agency (LEA) to process such large data to extract relevant information for investigation for effective LI. Since the nature of information required from different LI probes in an IoT network scenario is different in priority and frequency of tracking, the LI would require relevant and related information to be sent based on priority and frequency instead of sending raw information from individual probes. On the other hand, Telco-LI typically has standard LI probes and interfaces in the network, and may not be able to provide the configuration flexibility demanded by different types of IoT networks and devices, and for different scopes and types of investigation.
Effective LI involving a lawful interception target (LITG) using an IoTN can be performed by a system using a probe-topology determined according to a lawful interception specification (LISP) received from a LEA for a specific LI operation. The system generates LI information structural details based on the LISP and can determine LI information source topology and probe-topology based on the generated LI information structure. The system configures the LI operation, which can include probe level configuration and probe delegation information based on the probe-topology, as well as roles and responsibilities assigned to the probes. The configuration of the LI operation includes determining an LI activation condition for the probes based on the probe-topology, as well as a frequency of LI information processing for each probe in the probe-topology. On fulfillment of LI activation conditions at a probe, the system collects data at the probe and provides the data to the LEA in accordance with the received LISP.
A number of challenges arise with respect to preserving privacy of an LITG as well as the privacy of any associated non-LITG during an LI session. The LI session can gather all communication and activities of the LITG and any non-LITG associated with the LITG. Challenges arise in minimizing intrusion into privacy of the LITG as well as that of the non-LITG without compromising effectiveness of the LI.
One privacy challenge during LI in the IoTN is to ensure that the LEA only receives authorized information and nothing more about the LITG user and their associated activities. Referring back to the Car-IoTN example, the tracking information may need to be limited to a specific geographical jurisdiction. Other challenges arise in preserving privacy of a non-LITG user when one or more device(s) of the LITG user join an IoTN of the non-LITG user or when one or more device(s) of the non-LITG user join the IoTN of the LITG user. This can occur if the one or more device(s) leave a previous IoTN to join a new IoTN or if the one or more device(s) join a new IoTN while maintaining existing IoTN membership. The LI in such cases needs to be limited to authorized transaction details about the LITG only, and unauthorized details (personal, device or network) about the non-LITG user need to be masked from the LEA since there is no justification in probing into the private information of non-LITG users. As an example, a non-LITG passenger may be riding in the Car-IoTN example described above and LI needs to exclude any information related to the non-LITG passenger.
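The constraints described above (authorized information only, a geographic jurisdiction limit, and masking of non-LITG details on a shared IoTN) can be expressed as a fail-closed minimization filter applied before any record is delivered. This is an added illustration, not part of the original text or of any described system; the record fields, identifiers, bounding-box jurisdiction and sample events are constructed assumptions.

```python
from dataclasses import dataclass, replace
from typing import Optional

# Hypothetical authorization scope (assumed to be derived from the LISP).
@dataclass(frozen=True)
class Authorization:
    litg_id: str
    bbox: tuple               # (min_lat, min_lon, max_lat, max_lon), constructed
    allowed_kinds: frozenset  # event kinds the LEA is authorized to receive

@dataclass(frozen=True)
class Event:
    kind: str
    actor: str                   # user whose activity produced the event
    counterparty: Optional[str]  # other party to a transaction, if any
    lat: float
    lon: float
    detail: str

MASK = "[masked non-LITG]"

def in_jurisdiction(ev, auth):
    min_lat, min_lon, max_lat, max_lon = auth.bbox
    return min_lat <= ev.lat <= max_lat and min_lon <= ev.lon <= max_lon

def minimize(events, auth):
    """Keep only events the authorization covers; anything else is dropped."""
    out = []
    for ev in events:
        if ev.actor != auth.litg_id:
            continue  # non-LITG activity on a shared IoTN is never delivered
        if ev.kind not in auth.allowed_kinds or not in_jurisdiction(ev, auth):
            continue  # unauthorized event kind, or outside the jurisdiction
        if ev.counterparty is not None and ev.counterparty != auth.litg_id:
            ev = replace(ev, counterparty=MASK)  # hide the non-LITG identity
        out.append(ev)
    return out

# Constructed sample data for a Car-IoTN carrying a non-LITG passenger.
AUTH = Authorization("litg-1", (12.0, 77.0, 13.5, 78.5),
                     frozenset({"location", "fueling"}))
SAMPLE = [
    Event("location", "litg-1", None, 12.97, 77.59, "speed=42"),
    Event("fueling", "litg-1", "passenger-7", 12.98, 77.60, "20 litres"),
    Event("media", "passenger-7", None, 12.98, 77.60, "playlist"),
    Event("location", "litg-1", None, 15.30, 74.10, "speed=60"),
    Event("maintenance", "litg-1", None, 12.97, 77.59, "oil change"),
]
```

Free-text fields such as `detail` can still carry non-LITG information and would need their own redaction; this filter only handles structured fields.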
The privacy requirements of both LITG and non-LITG users need to be balanced with the requirement of providing all authorized information to the LEA. This gets even more challenging due to variations in legal provisions of LI and privacy in different countries.
Conventional IoTN systems and methods have many limitations in providing privacy preservation mechanisms and minimizing privacy intrusion during LI. Some conventional IoTN systems and methods fail to provide any privacy preservation mechanism under LI, while some others fail to adequately address the privacy of non-LITG users. A few conventional IoTN systems and methods provide privacy by using restricted exposure (such as consent-based disclosure, masking of privacy information, etc.) of LITG information to the LEA. However, this can hamper the collection of authorized information during an LI session.